Back in December 2011 one of my WordPress blogs was hacked. Stupidly I had not made a backup of the database but it wasn't a big site and I had a copy of all of the post content.
When I reported this to my host (Mochahost.com) they were adament that it was not a problem with the server and that my WordPress installation must have been out of date. I was sure it was up to date but I left it at that. I re-entered all of the content manually.
This week end (so 4 months later) the same blog was hacked again and was displaying a similar message from the hacker, complete with all the usual cliches (a skull, typoz, greetz, etc.) This time I am 100% sure it was up to date because I had set a reminder in Outlook to check every week, and there had not been a new version since January. All of the plugins were up to date as well.
Again, my host insists it is caused by WordPress. However I find this hard to believe because I had 14 WordPress installations with various different ISPs and none of the others have ever been hacked.
Should I be looking at ditching them or are they right to blame WordPress apparently without doing any investigation?